Authentication of a suspect object using extracted native features

ABSTRACT

A forgery detection system includes a computer server and a database system of digital fingerprint records corresponding to forged or altered objects of a given object type. Using the computer server, a digital image of a suspect object of the given object type is accessed, an authentication region is selected, and a native feature within the authentication region is extracted. The native feature describes physical characteristics of the authentication region without recognizing content that appears in the authentication region. The computer server forms a feature vector to represent the native feature in a compact form and queries the database system to obtain a result responsive to digital fingerprint records that match the feature vector. Each matching digital fingerprint record is counted, and if the count of fraud indicator matches crosses a predetermined threshold indicating a confidence level that the suspect object is forged or altered, a report based is generated and communicated to a user interface.

RELATED APPLICATIONS

This application is a divisional application of U.S. application Ser.No. 15/044,034, filed Feb. 15, 2016 (attorney docket 110266.402D1),which is a divisional application of U.S. application Ser. No.14/531,307, filed Nov. 3, 2014, now U.S. Pat. No. 9,582,714, which is anon-provisional of, and claims priority pursuant to 35 USC § 119(e) to,U.S. provisional application No. 61/898,780 filed Nov. 1, 2013, and toU.S. provisional application No. 61/914,722 filed Dec. 11, 2013. U.S.application Ser. No. 14/531,307 is also a continuation of U.S.application Ser. No. 14/290,653 filed May 29, 2014, now U.S. Pat. No.9,350,552, which is a continuation of U.S. application Ser. No.13/410,753 filed Mar. 2, 2012, now U.S. Pat. No. 8,774,455, which claimsbenefit of 61/448,465 filed on Mar. 2, 2011. U.S. application Ser. No.14/531,307 is also a continuation of U.S. application Ser. No.13/618,362 filed on Sep. 14, 2012, now U.S. Pat. No. 9,152,862, whichclaims benefit of 61/535,084 filed Sep. 15, 2011. All of theaforementioned applications are hereby incorporated by reference asthough fully set forth.

Copyright © 2011-2018 Alitheon, Inc. A portion of the disclosure of thispatent document contains material which is subject to copyrightprotection. The copyright owner has no objection to the facsimilereproduction by anyone of the patent document or the patent disclosure,as it appears in the Patent and Trademark Office patent file or records,but otherwise reserves all copyright rights whatsoever. 37 CFR §1.71(d).

BACKGROUND

Counterfeiting of manufactured goods is a worldwide problem, with recentstudies estimating that 8% of the world's total GDP is now generated bythe manufacturing and sales of counterfeit products. Many classes ofcounterfeit goods create substantial risks to public health includingcounterfeit pharmaceutical drugs, auto parts, pesticides, and children'stoys. In addition, counterfeit computer chips, aerospace parts, andidentification documents present significant risks to national security.

Authentication alone is not enough to stop counterfeiting.Counterfeiters use a variety of strategies, including divertingunfinished products from factories that make authentic goods and thenadding their own counterfeit brand identifiers such as labels and tags.Counterfeit items can enter the supply chain at any point, including atthe original manufacturing facility, at the shipper, in distribution, orin retail stores. Unless the manufacturer or supplier can identifyexactly where and when the item entered the supply chain, identifyingand eliminating the counterfeit goods can be almost impossible.

Many different approaches have been tried to uniquely identify andauthenticate objects, including labeling and tagging strategies usingserial numbers, bar codes, holographic labels, RFID tags, and hiddenpatterns using security inks or special fibers. All of these methods canbe duplicated, and many add a substantial extra cost to the productionof the goods sought to be protected. Physical labels and tags can alsobe easily lost, modified, or stolen.

SUMMARY OF THE DISCLOSURE

The following is a summary of the present disclosure in order to providea basic understanding of some features and context. This summary is notintended to identify key/critical elements of the invention or todelineate the scope of the invention. Its sole purpose is to presentsome concepts of the present disclosure in a simplified form as aprelude to the more detailed description that is presented later.

In an embodiment, individual objects are scanned and a unique digitalsignature is generated by a digital fingerprinting method that utilizesthe object's natural structure or features. The object is registered inthe system database. Once the object is registered, the DigitalFingerprinting Track and Trace System can track the location of anyobject as it passes through a supply chain, distribution network, orsales channel. The system maintains a database record for each uniqueobject, and can store any relevant data related to the object over thecourse of its lifetime. The system can be queried, generate reports, andanalyze data on individual objects or on sets of objects. Applicationsof the system include but are not limited to object authentication,determining the provenance of an object, creating audit trails, andidentifying where counterfeit goods are entering manufacturing,distribution or sales networks.

In other applications, an original digital fingerprint can be comparedto a subsequent digital fingerprint of an object to establish that theobject is the original, without regard to its history of locations orpossession since the original digital fingerprint was acquired andstored.

Another aspect of this disclosure relates to detecting a counterfeit orforged object, for example a document such as a drivers license orpassport. In this case, there may be no “original” or source objectdigital fingerprint for comparison. Rather, “fingerprints” of knownindicia of counterfeit or forged objects can be acquired and stored. Forexample, a large number of bogus New York State driver's licenses mightbe obtained by law enforcement officials in a raid or the like. Digitalimages of those forged documents can be acquired, and analyzed to formdigital fingerprints, as described in more detail below.

In an embodiment, “Forgery feature vectors” can be collected and storedin a database, for example, sharp, non-bleeding edges where a photographhas been replaced or torn paper fibers where an erasure occurred. Thesefingerprints can be searched and compared to detect a forged document. Acount of “fraud indicator matches” can be compared to an empiricalthreshold to determine a confidence that a document is forged (or not).Additional aspects and advantages of this invention will be apparentfrom the following detailed description of preferred embodiments, whichproceeds with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to describe the manner in which the above-recited and otheradvantages and features of the disclosure can be obtained, a moreparticular description follows by reference to the specific embodimentsthereof which are illustrated in the appended drawings.

Understanding that these drawings depict only typical embodiments of theinvention and are not therefore to be considered to be limiting of itsscope, the invention will be described and explained with additionalspecificity and detail through the use of the accompanying drawings inwhich:

FIG. 1A is a simplified flow diagram illustrating a method for creatinga storing a digital fingerprint of an object in a database.

FIG. 1B illustrates a process that includes more robust featureextraction.

FIG. 2 is a simplified flow diagram illustrating a method for matching adigital fingerprint of a target object to a database of existing digitalfingerprints.

FIG. 3 is a simplified conceptual diagram showing scanning of an objectat various times and places along a manufacture and distribution chain.

FIG. 4 is a simplified conceptual diagram illustrating use of a mobiledevice application to query authentication information related to anobject.

FIG. 5 is a simplified flow diagram illustrating a method for trackingan object to verify its provenance.

FIG. 6 illustrates an example of authentication region and objectfeature definition for a U.S. passport.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

In this application, we use the term “scan” in a broad sense. We referto any means for capturing an image or set of images, which may be indigital form or transformed into digital form. The images may be twodimensional, three dimensional, or be in the form of a video. Thus a“scan” may refer to an image (or digital data that defines an image)captured by a scanner, a camera, a specially-adapted sensor array suchas CCD array, a microscope, a smart phone camera, a video camera, anx-ray machine, etc. Broadly, any device that can sense and captureelectromagnetic radiation that has traveled through an object, orreflected off of an object, is a candidate to create a “scan” of theobject. Various means to extract “fingerprints” or features from anobject may be used; for example, through sound, physical structure,chemical composition, or many others. The remainder of this applicationwill use terms like “image” but when doing so, the broader uses of thistechnology should be implied. In other words, alternative means toextract “fingerprints” or features from an object should be consideredequivalents within the scope of this disclosure.

Authentication Regions

Because digital fingerprinting works with many different types ofobjects, it is necessary to define what parts of the digital images ofthe objects are to be used for the extraction of features forauthentication purposes. This can vary widely for different classes ofobjects. In some cases it is the image of the entire object; in othercases it will be a specific sub-region of the image of the object. Forinstance, for a photograph we may want to use the digital image of theentire photograph for feature extraction. Each photograph is different,and there may be unique feature information anywhere in the photograph.So in this case, the authentication region will be the entirephotograph.

Multiple regions may be used for fingerprints for several reasons, twoof which are particularly important. It may be that there are severalregions where significant variations take place among different similarobjects that need to be distinguished while, in the same objects, theremay be regions of little significance. In that case a template may beused (see below) primarily to eliminate regions of little interest.

A bank note, for example, can be authenticated if a few small arbitraryregions scattered across the surface are fingerprinted, along withrecognizing the contents of a region telling the value of the bank noteand one containing the bank note's serial number. In such a case thefingerprints of any region (along with sufficient additional informationto determine the bank note's value and its purported identity) may besufficient to establish the authenticity of the bill and multiplefingerprinted regions are used solely in the event that one or moreregions may be absent (through, for example, tearing) when the bill islater presented for authentication. Sometimes, however, all regions ofan item must be authenticated to ensure the item is both authentic andhas not been altered.

A passport provides an example of feature extraction from anauthentication region; see FIG. 6. On a passport, the features that wemay want to use for authentication may be extracted from regionscontaining such specific identification information as the passportnumber, recipient name, and recipient photo, as illustrated in FIG. 6.In that case one may define a feature template specifying those regionswhose alteration from the original would invalidate the passport, suchregions including the passport holder's photo and unique personal data.

The ability to define and store the optimal authentication region for agiven class of objects offers significant benefits to the user, althoughit is not mandatory. In many cases it is much easier to scan a limitedregion of an object than the entire object. For instance, in the case ofan article of designer clothing, it is much easier to take a picture ofthe manufacturer's label than it is to take a picture of the entiregarment. Further, defining such regions enable the detection of partialalteration of the object.

Once an authentication region is defined, specific applications can becreated for different markets and classes of objects that can assist theuser in locating and scanning the optimal authentication region. Forinstance, an appropriately sized location box and crosshairs canautomatically appear in the viewfinder of a smartphone cameraapplication to help the user center the camera on the authenticationregion, and automatically lock onto the region and take the picture whenthe camera is focused on the correct area. It should be noted that whilesome examples discussed above are essentially two-dimensional objects(passport, bank note); the present disclosure is fully applicable tothree-dimensional objects as well. Scanning or image capture may be 2-D,3-D, stereoscopic, HD etc. Image capture is not limited to the use ofvisible light.

In many cases, objects may have permanent labels or other identifyinginformation attached to them. These can also be used as features fordigital fingerprinting. For instance, wine may be put into a glassbottle and a label affixed to the bottle. Since it is possible for alabel to be removed and reused, simply using the label itself as theauthentication region is often not sufficient. In this case we maydefine the authentication region to include both the label and thesubstrate it is attached to—in this case some portion of the glassbottle. This “label and substrate” approach may be useful in definingauthentication regions for many types of objects, such as consumer goodsand pharmaceutical packaging. If a label has been moved from itsoriginal position, this can be an indication of tampering orcounterfeiting. If the object has “tamper-proof” packaging, this mayalso be useful to include in the authentication region.

In some cases, we will want to use multiple authentication regions toextract unique features. For a firearm, for example, we might extractfeatures from two different parts of the weapon. It is, of course,important that both match the original but since the two parts may bothhave been taken from the original weapon and affixed to a weapon ofsubstandard quality, it may also be important to determine whether theirrelative positions have changed as well. In other words it may benecessary to determine that the distance (or other characteristic)between Part A's authentication region and Part B's authenticationregion is effectively unchanged, and only if that is accomplished canthe weapon be authenticated. Specifications of this type can be storedwith or as part of a digital fingerprint of the firearm.

Once a suitable digital fingerprint of an object is acquired, the object(actually some description of it) and corresponding fingerprint may bestored or “registered” in a database. For example, in some embodiments,the fingerprint may comprise one or more feature vectors. The databaseshould be secure. In some embodiments, a unique ID also may be assignedto an object. An ID may be a convenient index in some applications.However, it is not essential, as a digital fingerprint itself can serveas a key for searching a database. In other words, by identifying anobject by the unique features and characteristics of the object itself,arbitrary identifiers, labels, tags, etc. are unnecessary and, as noted,inherently unreliable.

FIG. 1 is a simplified flow diagram illustrating a method 100 forcreating and storing or “registering” a digital fingerprint of an objectin a database. The process in one embodiment includes acquiring adigital image of the object, block 102, as discussed above. A variety ofimage capture technologies and devices may be used as noted. Next,features are extracted, block 104, from the digital image data. Asexplained, specific features or regions of interest (authenticationregions) may be selected in support of subsequent identification orauthentication of the object. The extracted features are analyzed andfeature vectors are extracted to form a digital fingerprint—a digitalfile or record associated with the original image data, indicated atblock 106. The digital fingerprint preferably may be stored in adatabase record. Other forms of searchable digital data storage shouldbe deemed equivalents. Further, at block 110, initialization data shouldbe added to the database record, or associated with it in a relatedtable. This data is associated with the physical object that wasscanned. For example, a description, manufacturer, model number, serialnumber, contents—a wide variety of data, selected as appropriate oruseful depending on the type of object.

FIG. 1B illustrates a process that includes more robust featureextraction. In this example, we again begin with acquiring digital imagedata, block 120. We select at least one authentication region, block122. This may be done by analysis of the image data, analysis of relatedimage data, by reference to a predetermined template that defines atleast one authentication region, or other means. The next block 124calls for extracting a feature vector from the selected authenticationregion. A feature vector may be used to represent features of a regionin a more compact form. For example, a feature vector may comprise anarray of color or gray scale numeric values corresponding to areaswithin the selected authentication region. The values may each comprisea sum, average, maximum or other function of the individual values of acorresponding group of pixels forming a sub-part of the region. In someapplications, a feature vector may identify a location and shape of adistinctive aspect within a selected region. In decision 126, there maybe additional feature vectors to be extracted from the same image data.In that case, the flow returns, path 130, to repeat the featureextraction step 124. This loop 130 may repeat until all desired featurevectors are collected. Optionally, there may be another authenticationregion to process in the same image data, see decision 132. In thatcase, the outer loop 133 is traversed back to block 122 for furtherfeature extraction with respect to one or more additional authenticationregions. Then some or all of the extracted feature vectors may becombined to form a digital fingerprint, block 134, which is then stored,block 136, along with related data, block 138, as mentioned above. Theprocess returns or concludes at block 140.

A database of digital fingerprints can form the basis of a system totrack and trace the object through a supply chain, distribution network,or sales channel. A track and trace system based on digitalfingerprinting has unique advantages and provides unique capabilitiesthat are not available with track and trace systems based on traditionalmethods.

Holograms, bar codes and serial numbers can all be duplicated withvarying degrees of effort. This means that if the code or tag can beduplicated, then counterfeit objects or two objects with the sameidentifier can exist in the supply chain or distribution network. Theycan then be registered in a traditional track and trace system. All suchsystems rely on determining that the anti-counterfeit item (label,hologram, RFID tag) is legitimate, not that the item itself is.

Due to this weakness, track and trace systems based on traditionalapproaches like bar codes or serial numbers cannot prevent the resultingcorruption of the system database. A counterfeit object may bemistakenly identified as genuine, and generate a false audit trail as itis tracked through the supply chain. Two or more objects with the sameID (one genuine, one or more counterfeit) may exist at the same time.

Without physically examining the objects it is impossible to tell whichitem is genuine. Once identification is made as to which object isgenuine, the false trails must be removed from the database to restoreintegrity. This can be extremely difficult depending on the structure ofthe database and the complexity of the tracking data. In some cases theobjects may not have any further contact with the track and trace system(for instance if they are purchased by a consumer), and the record willnever be identified as false, leaving the database permanentlycorrupted.

In one embodiment of the Digital Fingerprinting Track and Trace System,an item may be scanned and identified at initial manufacture.Alternatively, an item may be scanned and identified at any subsequenttime or location for entry into a tracking system. This point ofidentification preferably is done when the item is either in thepossession of its manufacturer or has been transferred by secure meansto the current holder so that its legitimacy at the point ofidentification is adequately established.

The system then identifies the object every time it is scanned again,typically at discrete steps in manufacturing, distribution, and sale.FIG. 2 is a simplified flow diagram illustrating a method 200 formatching a digital fingerprint of a target object to a database ofexisting digital fingerprints. Here, we acquire image data of a “targetobject” i.e., the object we want to identify or authenticate by findinga match in the database, see block 202. We extract features from thetarget object image data, block 204, as discussed above. Then we createa new (second) digital fingerprint based on the extracted features,block 206. The next step is querying the database, block 208, for arecord that matches the second digital fingerprint record. “Matching” inthis context may be relative to a threshold confidence level rather thana binary decision. The requisite confidence level may vary depending onthe specific application. The confidence level required may be varieddynamically responsive to the data and experience with a given system.If no “matching” record is returned, decision 210, update the secondrecord (the digital fingerprint of the target object), block 212, toreflect that no match was found. If a match is returned, the matchingrecord is updated to reflect the match, for example, it may be linked tothe second record. The results may be returned to the user.

Typical tracking steps might include scanning at the point ofmanufacture, when packaged, when placed in inventory, when shipped, andat a retail point of purchase (upon arrival and again when sold), asillustrated in the tracking process 300 of FIG. 3. Each scan can be usedto update a remote database.

As mentioned earlier, a “scan” may refer to an image (or digital datathat defines an image) captured by a scanner, a camera, aspecially-adapted sensor array such as CCD array, a microscope, a smartphone camera, a video camera, an x-ray machine, etc. Broadly, any devicethat can sense and capture electromagnetic radiation that has traveledthrough an object, or reflected off of an object, is a candidate tocreate a “scan” of the object. It is critical to capture at least onenative feature of the object, as distinguished from a feature added tothe object for identification, such as a label, bar code, RFID tag,serial number, etc.

A “native feature” in this description is not concerned with reading orrecognizing meaningful content. For example, a label on a scanned objectwith a printed serial number may give rise to various features infingerprint processing, some of which may become part of a digitalfingerprint feature set or vector that is associated with the object.The features may refer to light and dark areas, locations, spacing, inkblobs, etc. This information may refer to the printed serial number onthe label, but there is no effort to actually “read” or recognize theprinted serial number (which may be bogus). Similarly, an RFID tagapplied to an object may give rise to a fingerprint vector responsive toits appearance and location on the object. However, no effort is made toactually stimulate or “read” data or signals from the tag.

While the most common application of track and trace systems is inmanufactured goods, the present system and methods, in various differentembodiments, may be applied to any object that can be identified with adigital fingerprint and tracked. These include but are not limited tomail pieces, parcels, art, coins, currency, precious metals, gems,jewelry, apparel, mechanical parts, consumer goods, integrated circuits,firearms, pharmaceuticals and food and beverages. Tracking may consistof any sequence of actions where the object is scanned, such as eachtime an object is appraised, authenticated, certified, auctioned,displayed, or loaned. The system may store both positive and negativeauthentication transactions. In an embodiment, the system may storelocation information (associated with a scan or fingerprint), whichprovides a profile of where counterfeit goods may be encountered.

FIG. 4 is a simplified conceptual diagram illustrating use of a mobiledevice application to query authentication information related to anobject. Here, various computing devices or terminals 402 may have accessover a network, for example, the Internet 404, to cloud computingfacilities/services such as a cloud server/datastore 406. For example,the devices 402 may be located at various points along a distributionchain as illustrated in FIG. 3, each location scanning an object andupdating the cloud server/datastore 406.

A server 412 may be provisioned to provide tracking and/or tracing dataanalysis and reporting. The server 412 has access to a datastore 420which may be used to store digital fingerprints and related data. Theserver can query or search the database 420 for digital fingerprintsearch and matching. The database 420 preferably is coupled to the cloudserver 406 in some embodiments. A mobile user device 410 such as asmartphone, tablet, laptop computer or dedicated device may beconfigured for communications with the server 412 to request and receivea reply or authentication report for an object of interest. Thisarchitecture is simplified and in any event is merely illustrative andnot intended to be limiting.

Continuous and Discrete Tracking

In some implementations, sensors may be attached to the object, andsensor data can flow back to the database in either a continuous fashion(near real time), or in discrete data transfer events. For example, datatransfer may occur when an authentication event occurs. For instance, ifthere is a GPS chip attached to the object, data flow can start when theobject is first registered in the system, and continue to flow as theobject changes location. Continuous (frequent) data updates can also bebuffered in local memory in a sensor attached to the item, and thendownloaded the next time the object is scanned and authenticated. Thisprovides a record of where the object has traveled (its itinerary).

As an example of the potential uses of sensor data, many products likefood and beverages can degrade with exposure to certain environmentalfactors over the course of their storage and shipment. Examples ofsensor data could include temperature, light exposure, altitude, oxygenlevel, or other factors, as well as location such as GPS data.

FIG. 5 is a simplified flow diagram illustrating one embodiment of aprocess 500 for tracking an object to verify its provenance. Here, anexpected itinerary of an object (a series of locations) may be stored ina datastore if known, block 502. The methods and systems described abovemay be used to track the object to the next location, block 504. If theobject does not arrive as expected (where and when expected according tothe itinerary), the failure may be reported to a user. In an embodiment,an object that arrives later than expected may be subjected to closermatching scrutiny to ensure its identity.

The next step, block 510, is to query the database for the next valid orexpected location. A unique itinerary may not be known, but a set ofvalid or expected locations may be known. The next actual location ofthe object (as determined by imaging and matching digital fingerprints)may be compared to the expected location(s) returned by the database,block 512. If that comparison indicates a departure from the expected orauthorized route, decision 520, the result may be reported to a user,block 522. (A report that the object is on track may be reported aswell.) Other options may be implemented such as a quantity check, block524. The process returns or terminates at block 526.

Most existing track and trace systems are only designed to be accessedby manufacturers or their authorized distributors, and often requirespecialized scanners or equipment. However, the consumer also has avested interest in determining whether the items that they are buyingare authentic. In some embodiments, the present system is designed toenable anyone along the supply, distribution, or sales chain, frommanufacturer to the retail consumer, to access the system and determinewhether the item is authentic. A specialized scanner is not required inall cases. For example, in one embodiment a mobile phone applicationdesigned for the consumer can be used to scan an object, query thedatabase, and determine if the object is authentic.

Finally, data collected by a digital fingerprinting system offers avariety of useful information to people along the supply, distributionand sales chain. Reports can be generated on individual items, or onsets of items. These reports can include but are not limited to thelocations of items over time, audit trails, points of entry ofcounterfeit goods, and exposure to environmental variables over thecourse of an object's useful lifetime.

Tags and Bar Codes

A tag may be added to an item, a barcode to a mail piece, etc. for tworeasons. First, the human may need it to know what the item is. This isthe identification function. It may identify the item to a store clerkas a particular style and size of clothing of a particular manufacturer;it may tell a postal carrier where to deliver a mail piece. Second,however, are tags that are only useful for a machine. Thus a four-statebar code on a mail piece (unreadable by humans) is used to route themail piece by machine. This entire class of machine readable tags can bereplaced by the methods of this patent. The first set may still beneeded for human use but are now divorced from their authenticationfunction.

Because we are exploiting natural features and often scanning the objectunder variable conditions, it is highly unlikely that two different“reads” will produce the exact same fingerprint. We therefore have tointroduce the ability to look up items in the database when there is anear-miss. For example, two feature vectors [0, 1, 5, 5, 6, 8] and [0,1, 6, 5, 6, 8] are not identical but (given the proper differencemetric) may be close enough to say with certainty that they are from thesame item that has been seen before. This is particularly true if,otherwise, the nearest feature vector of a different item is [5, 2, 5,8, 6, 4]. For example, a distance between vectors of n-dimensions iseasily calculated, and may be used as one metric of similarity or“closeness of match” between the vectors. One may also consider thedistance to the next nearest candidate.

Obviating the Chain of Custody

Many systems rely on a known “chain of custody” to verify authenticityof an object. The rules of evidence in court, for example, typicallyrequire proof of a chain of custody to demonstrate authenticity of ahair sample, weapon or other piece of physical evidence. From the timean object is collected at a crime scene, for example, it is typicallybagged, tagged, and moved into a locked box or evidence room forsafekeeping. Each person who removes it must attest to returning theoriginal item unchanged. Custody of the object from the crime scene tothe evidence locker to the courtroom must be accounted for as anunbroken chain. Digital fingerprinting techniques as disclosed hereincan be used to obviate most of that process. Provided an original objectis under the control and custody of an authorized or trusted entity atleast once, and a digital fingerprint, or an image suitable for forminga digital fingerprint of the object, is acquired under suchcircumstances, and stored, the object is uniquely identifiablethereafter by that fingerprint for the lifetime of the object.

Because digital fingerprinting works by extracting key features of anobject, it may be used to identify or authenticate objects even after agood deal of wear and tear.

At any subsequent time, a suspect or “target” object can be similarly“fingerprinted” and the subsequent fingerprint compared to the storedfingerprint of the original object. If they match, authenticity isestablished, regardless of where or in whose custody the object may havetraveled in the meantime. Returning to the crime scene example, if adigital fingerprint is acquired of a weapon taken from the crime scene,and the digital fingerprint stored, the weapon can be fingerprintedagain at any subsequent time, and the digital fingerprints compared toauthenticate to weapon. Custody of the weapon in the interim is nolonger an issue. Likewise when a coin or piece of art is stolen ourtechnology gives us the ability to continue the original provenance eventhough chain of custody has been lost (i.e. we know it is the same coinwe saw before even though it has not been in our direct possessionduring the time between theft and recovery).

Global Vs. Regional Feature Matching

In a case where we have the original document or other objectfingerprinted, our techniques allow region-by-region matching so that wecan tell what (if any) regions have been changed. Thus, for example, wemight get a really good overall match on a passport but none of thematches happen in the photograph—so we know the photograph probably waschanged. Further, if some individual or group, say Al Qaeda, has acertain pattern or regularity to altering passports—change the photo,the date of birth and one digit of the passport number, say—then thisability to find altered regions also gives us the ability to discern thepattern of changes and thus develop a signature of the group making thechanges. Thus aspects of the present technology can be applied not onlyto detect a forged or altered document, but to identify in some casesthe source of the bogus document.

It will be obvious to those having skill in the art that many changesmay be made to the details of the above-described embodiments withoutdeparting from the underlying principles of the invention. The scope ofthe present invention should, therefore, be determined only by thefollowing claims.

1. A forgery detection system, comprising: a computer server; a databasesystem operatively coupled to the computer server, the database systemstoring a forgery database comprising multiple digital fingerprintrecords, each of the digital fingerprint records corresponding to aforged or altered object of a given object type; and instructions storedin non-volatile memory and executable in the computer server to causethe computer server to: access a digital image of a suspect object ofthe given object type; select an authentication region of the digitalimage; extract a native feature within the selected authenticationregion wherein the native feature describes physical characteristics ofthe selected authentication region without recognizing content thatappears in the selected authentication region; form a feature vector torepresent the native feature in a compact form; query the databasesystem based on the feature vector to obtain a result responsive to zeroor more of the digital fingerprint records stored in the database systemmatching the feature vector, each matching digital fingerprint recorddefining a fraud indicator match; for each defined fraud indicatormatch, incrementing a count of fraud indicator matches; compare thecount of fraud indicator matches to a predetermined threshold value todetermine a confidence level that the suspect object is forged oraltered; generate a report based on the comparison; and transmit thereport to a user interface.
 2. The system of claim 1 wherein: at leastsome of the multiple digital fingerprint records of the forgery databaseinclude plural features from a single digital image; and for at leastsome of the plural features, the stored instructions cause the computerserver to: extract an additional feature from the single digital image;query the database system to find digital fingerprint records that matchthe additional feature; increment the count of fraud indicator matches;and update the determined confidence level that the suspect object isforged or altered.
 3. The system of claim 1 wherein: the forgerydatabase comprises digital fingerprint records that include at least onecorresponding feature from each one of multiple authentication regions;and the stored instructions cause the computer server to: select a firstauthentication region based on the given object type; extract a firstfeature from the first authentication region; query the database systemto identify first digital fingerprint records that match the firstauthentication region and first feature data pair; select a secondauthentication region based on the given object type; extract a secondfeature from the second authentication region; query the database systemto identify second digital fingerprint records that match the secondauthentication region and second feature data pair; and include a countof both first and second matching records in the count of fraudindicator matches.
 4. The system of claim 1 wherein the given objecttype is one of a negotiable instrument as defined in the UniformCommercial Code, a bill of lading or shipping document, an original workof art, a label on a bottle of wine.
 5. The system of claim 1 whereinselecting the authentication region is based on a predetermined templateaccessible to the computer server that defines at least oneauthentication region for the given object type.
 6. The system of claim1 wherein at least some of the multiple digital fingerprint recordsstored in the database system include data that indicates a source ofthe corresponding forged or altered object; and the stored instructionsexecutable in the computer server further to cause the computer serverto: generate or include in the report to the user interface anindication of the source(s) of the matching record(s) to help identifypersons or entities that may have forged or altered the suspect object.7. The system of claim 1 wherein the stored instructions executable inthe computer server further to cause the computer server to select thepredetermined threshold value for determining the confidence level basedon the given object type.
 8. The system of claim 1 wherein theconfidence level is determined empirically.
 9. The system of claim 1wherein the stored instructions executable in the computer serverfurther to cause the computer server, in a case that the result returnsno matching record, to update the digital fingerprint of the suspectobject to reflect that no match was found.
 10. The system of claim 1wherein the stored instructions executable in the computer serverfurther to cause the computer server, in a case that the result returnsa matching record, to update the digital fingerprint of the matchingrecord to reflect that the match was found.
 11. The system of claim 10wherein the stored instructions executable in the computer serverfurther to cause the computer server to update the digital fingerprintof the matching record to include a link to the suspect object or arecord associated with the suspect object.
 12. The system of claim 1wherein the digital image of the suspect object is captured by ascanner, a camera, a specially-adapted sensor array such as CCD array, amicroscope, a smart phone camera, or video camera.
 13. A method,comprising: acquiring digital image data from at least a selectedauthentication region of an object, without printing or adding anythingon to the object, and wherein the object has been previously forged oraltered at least in the selected authentication region from its originalstate; extracting at least one native feature from the acquired digitalimage data; wherein the at least one native feature describes physicalcharacteristics of the selected authentication region withoutrecognizing content that appears in the selected authentication region;forming a feature vector to represent the native feature in a compactform; storing the feature vector in a database record as part of adigital fingerprint of the object in a forgery database for use indetecting forged or altered objects among a class of objects to whichthe forged or altered object belongs; repeating the foregoing acquiring,extracting, forming and storing over additional forged or alteredobjects of the class of objects; based on the repeating, addingadditional records to the forgery database, the additional recordscomprising feature vectors representing corresponding native features ofthe selected authentication region in the additional forged or alteredobjects; acquiring second digital image data of a portion of a suspectobject, wherein the portion of the suspect object corresponds to theselected authentication region used to build the forgery database;extracting second features from the second image data; forming a secondfeature vector to represent the second features in the compact form;querying the forgery database using the second feature vector to obtaina result based on zero or more stored feature vectors that match thesecond feature vector, each stored feature vector that matches thesecond feature vector defining a fraud indicator match; counting anumber of fraud indicator matches; comparing the number of fraudindicator matches to a predetermined threshold value to determine aconfidence level that the suspect object is forged or altered;generating a report of the determined confidence level based on thecomparison; and transmitting the report to a user interface.
 14. Themethod of claim 13 wherein each feature vector comprises an array ofcolor or gray scale numeric values corresponding to a sub-region withinthe selected authentication region.
 15. The method of claim 14 whereinthe numeric values in the array each comprise a mathematical functioncombining individual values of a corresponding group of pixels formingthe sub-region of the selected authentication region.
 16. The method ofclaim 15 wherein the mathematical function is selected from a set offunctions that includes a sum, maximum, and average of the individualvalues.
 17. The method of claim 13 wherein extracting featureinformation includes selecting the authentication region based on apredetermined template that defines at least one authentication regionfor the class of objects to which the forged or altered objects belong.18. The method of claim 13 wherein at least one digital fingerprintstored in the forgery database corresponds to a forged or alterednumismatic object.
 19. A method, comprising: provisioning a forgerydatabase storing digital fingerprint records, each of the digitalfingerprint records corresponding to a forged or altered object, and atleast some of the digital fingerprint records stored in the forgerydatabase identifying a pair of authentication regions in thecorresponding forged or altered object and a known distance between thepair of authentication regions; accessing a digital image of a suspectobject; analyzing the digital image to locate the pair of authenticationregions; determining a distance between the pair of authenticationregions in the digital image; querying the forgery database to identifymatching digital fingerprint records based on the pair of authenticationregions and the known distance; generating a count of matching digitalfingerprint records returned in response to the querying; comparing thecount of matching digital fingerprint records to a predeterminedthreshold value to determine a confidence level that the suspect objectis forged or altered; generating a result based on the comparison; andstoring the result.
 20. The method of claim 19, comprising: updating adigital fingerprint of a matching record to include a link to thesuspect object or a record associated with the suspect object.